Vulnerabilities > Redhat > Virtualization > 4.0

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-06	CVE-2023-5366	Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. local low complexity openvswitch redhat CWE-345	5.5
2023-10-03	CVE-2023-4911	Out-of-bounds Write vulnerability in multiple products A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. local low complexity gnu fedoraproject redhat CWE-787	7.8
2023-04-10	CVE-2023-1668	Always-Incorrect Control Flow Implementation vulnerability in multiple products A flaw was found in openvswitch (OVS). network low complexity cloudbase debian redhat CWE-670	8.2
2022-10-19	CVE-2022-2805	Cleartext Storage of Sensitive Information vulnerability in Redhat Virtualization 4.0 A flaw was found in ovirt-engine, which leads to the logging of plaintext passwords in the log file when using otapi-style. network low complexity redhat CWE-312	6.5
2022-08-31	CVE-2022-2132	A permissive list of allowed inputs flaw was found in DPDK. network low complexity dpdk fedoraproject debian redhat	8.6
2022-08-26	CVE-2022-0207	Race Condition vulnerability in multiple products A race condition was found in vdsm. local high complexity ovirt redhat CWE-362	4.7
2022-06-30	CVE-2022-2078	Stack-based Buffer Overflow vulnerability in multiple products A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code. local low complexity linux redhat debian CWE-121	5.5
2022-03-25	CVE-2022-0330	Improper Preservation of Permissions vulnerability in multiple products A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. local low complexity linux redhat fedoraproject netapp CWE-281	7.8
2022-03-25	CVE-2022-0435	Out-of-bounds Write vulnerability in multiple products A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. network low complexity linux redhat ovirt fedoraproject netapp CWE-787	8.8
2022-03-23	CVE-2022-27666	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. local low complexity linux fedoraproject redhat netapp debian CWE-787	7.8